We are looking for a SOC Manager / Security Operations Specialist to strengthen operational security capabilities, optimise SIEM and EDR monitoring, and establish structured incident response processes for our enterprise client.
Details:
Location: Prague, Czech Republic — Hybrid (preferred 2× per week on-site, final model discussed with client)
Allocation: Full-Time
Contract: B2B, Long-Term
Language: Czech (mandatory) + English
Responsibilities:
- Assess the current SOC/SIEM environment and propose improvements for monitoring, alerting, and escalation processes.
- Configure, optimise, and evaluate alerts in SIEM (Microsoft Sentinel) and EDR (SentinelOne).
- Develop and maintain Incident Response playbooks, procedures, and escalation workflows.
- Perform ongoing monitoring of security events, triage alerts, manage incident backlog and support escalations.
- Drive improvements in operational security areas: MFA enforcement, AD hardening, MDM/Intune, patching, EDR coverage.
- Analyse logs, identify suspicious activities, and ensure follow-up with IT and security teams.
- Prepare regular SOC and security posture reports for CIO/CISO.
Requirements:
- Experience in SOC, SIEM management, Incident Response, or Security Operations.
- Hands-on experience with SOC tooling (Microsoft Sentinel, SentinelOne, Intune, AD).
- Practical understanding of attack vectors, MITRE ATT&CK, threat detection, and IR lifecycle.
- Ability to analyse logs, recognise anomalies, and structure incident handling.
- Strong communication skills for reporting, escalation, and cooperation with leadership teams.